[strongSwan] NO_PROPOSAL_CHOSEN error
Farid Farid
farid21657 at yahoo.com
Tue Aug 27 03:56:11 CEST 2013
Helo Everyone,
I have two machines one Ubunto 12.0 with strongSwan 4.5.2.1 and one a Openwrt router running strongswan 5.0.4.1.
I am configuring a simple host-host topology with secret key ( password). I ran >>ipsec start --nofork on ubuntu machine and >>ipsec up conn on Openwrt router .You can see below that I get error of No_PROPOSAL_CHOSEN.
I haven't set any ike and esp and I chose ikev2. Do I need to chose some specefic esp/ike for both sides? I though by default they should be able to select proper protocol.
Or there is something else missing here.
Appreciet yor help.
Farid
resasalehi at CLD-WKSRSALEH2:~/Desktop/svn/lmu5000-base$ sudo ipsec start --nofork
Starting strongSwan 4.5.2 IPsec [starter]...
00[DMN] Starting IKEv2 charon daemon (strongSwan 4.5.2)
00[KNL] listening on interfaces:
00[KNL] eth0
00[KNL] 192.168.1.209
00[KNL] fe80::20a:f7ff:fe09:720f
00[KNL] eth3
00[KNL] 192.168.45.160
00[KNL] fe80::b6b5:2fff:fed9:4f88
00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
00[CFG] loading
ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
00[CFG] loading crls from '/etc/ipsec.d/crls'
00[CFG] loading secrets from '/etc/ipsec.secrets'
00[CFG] loaded IKE secret for @lmu209 @lmu55
00[CFG] sql plugin: database URI not set
00[LIB] plugin 'sql': failed to load - sql_plugin_create returned NULL
00[CFG] loaded 0 RADIUS server configurations
00[LIB] plugin 'medsrv' failed to load: /usr/lib/ipsec/plugins/libstrongswan-medsrv.so: cannot open shared object file: No such file or directory
00[CFG] mediation client database URI not defined, skipped
00[LIB] plugin 'medcli': failed to load - medcli_plugin_create returned NULL
00[CFG] HA config misses local/remote address
00[LIB] plugin 'ha': failed to load - ha_plugin_create returned NULL
00[DMN] loaded plugins: test-vectors curl ldap aes des sha1 sha2 md5 random x509
revocation constraints pubkey pkcs1 pgp pem openssl fips-prf gmp agent pkcs11 xcbc hmac ctr ccm gcm attr kernel-netlink resolve socket-raw farp stroke updown eap-identity eap-aka eap-md5 eap-gtc eap-mschapv2 eap-radius eap-tls eap-ttls eap-tnc nm dhcp led addrblock
00[JOB] spawning 16 worker threads
charon (24825) started after 40 ms
04[CFG] received stroke: add connection 'desktop'
04[CFG] left nor right host is our side, assuming left=local
04[CFG] added configuration 'desktop'
12[NET] received packet: from 192.168.1.55[500] to 192.168.1.209[500]
12[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
12[IKE] no IKE config found for 192.168.1.209...192.168.1.55, sending NO_PROPOSAL_CHOSEN
12[ENC] generating IKE_SA_INIT response 0 [ N(NO_PROP) ]
12[NET] sending packet: from 192.168.1.209[500] to 192.168.1.55[500]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130826/6567a906/attachment.html>
More information about the Users
mailing list